[edk2-devel] [PATCH v4 5/9] MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098)

Laszlo Ersek lersek at redhat.com
Wed Jul 8 17:29:06 UTC 2020 

On 07/08/20 10:10, Guomin Jiang wrote:
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614
> 
> When we allocate pool to save the rebased PEIMs, the address will change
> randomly, therefore the hash will change and result PCR0 change as well.
> To avoid this, we save the raw PEIMs and use it to calculate hash.
> 
> The MigratedFvInfo HOB will never produce when
> PcdMigrateTemporaryRamFirmwareVolumes is FALSE, because the PCD control
> the total feature.

[...]

> @@ -1278,7 +1294,19 @@ EvacuateTempRam (
>          (UINTN) MigratedFvHeader
>          ));
>  
> +      //
> +      // Copy the context to the rebased pages and raw pages, and create hob to save the
> +      // information. the MigratedFvInfo HOB will never produce when
> +      // PcdMigrateTemporaryRamFirmwareVolumes is FALSE, because the PCD control the
> +      // feature.
> +      //
>        CopyMem (MigratedFvHeader, FvHeader, (UINTN) FvHeader->FvLength);
> +      CopyMem (RawDataFvHeader, MigratedFvHeader, (UINTN) FvHeader->FvLength);
> +      MigratedFvInfo.FvOrgBase  = (UINT32) (UINTN) FvHeader;
> +      MigratedFvInfo.FvNewBase  = (UINT32) (UINTN) MigratedFvHeader;
> +      MigratedFvInfo.FvDataBase = (UINT32) (UINTN) RawDataFvHeader;
> +      MigratedFvInfo.FvLength   = (UINT32) (UINTN) FvHeader->FvLength;
> +      BuildGuidDataHob (&gEdkiiMigratedFvInfoGuid, &MigratedFvInfo, sizeof (MigratedFvInfo));
>  
>        //
>        // Migrate any children for this FV now
> 

Thank you for addressing my requests!

This patch should definitely be reviewed by PeiCore experts, but from my
perspective, I'm happy with the updates.

Acked-by: Laszlo Ersek <lersek at redhat.com>

Thanks
Laszlo


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#62254): https://edk2.groups.io/g/devel/message/62254
Mute This Topic: https://groups.io/mt/75372253/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list